Tor network connections, which people in Iran use to avoid Internet censorship …

Tor network connections from Iran plummeted amidst a new government censorship program

Last week, the Iranian government apparently started a new censorship program that blocks encrypted Internet traffic. Even Iranians who had taken steps to evade government firewalls were being stymied—and the immediate impact can be seen in usage of the Tor network.

Tor anonymizes Internet activity with client software that routs traffic through the Tor network, a worldwide network of relays and bridges set up by volunteers. Iran is second only to the US in Tor usage, with roughly 50,000 Iranians anonymizing their Internet traffic each day by routing it through the Tor network. Yet between Feb. 8 and Feb. 9, connections dropped from about 50,000 to fewer than 20,000, and plummeted to nearly zero by Friday, Feb. 10.

The dramatic change proved the prediction of Tor project member Jacob Appelbaum distressingly accurate. Last week, as reports of the Iranian crackdown began circulating, he warned, "It's likely that more than ~50,000 - ~60,000 Tor users may drop offline." But Appelbaum and his fellow Tor project members had a plan: a new obfuscated bridge (obfsproxy) that makes encrypted traffic appear to be regular traffic. Obfsproxy was an "ace up our sleeve," as Appelbaum described it, and Tor put it into action over the past few days despite its user interface being a bit rough.

Obfsproxy is already helping some Iranians get back online. The number of Tor connections was back up to roughly 15,000 on Saturday, although it's likely obfsproxy is playing only a small role. Tor's statistics show the use of bridges to connect to the Tor network from Iran have inched up only slightly since last week's dropoff. Statistics for Sunday and Monday haven't come in yet.

"It's not clear if Iran has lessened censorship of SSL traffic or if we're having that much of an impact," Tor Executive Director Andrew Lewman told Ars. Regardless of the cause, the dramatic upswing and downswing of Tor connections from Iran provides "a fine graph of what government censorship can do to a country," he said. "We've been working mostly flat out for the past few days to help the people of Iran and it's nice to see that we are having an impact."

On Friday, Appelbaum put out the call to the Tor community to start running obfsproxy bridges. He warned that the software is not easy to set up, that it might be effective for only a few days "at the rate the arms race is progressing," and that people who set up bridges need to either contact the Tor Project or share the bridge addresses directly with users who need them.

Obfsproxy is "still very alpha-quality software," Lewman said. "We're seeing a few thousand connections through obfsproxy relays already. We have roughly 300 obfsproxy relays around the world already, some of them already pushing many megabits per second of traffic. It's definitely picking up as the world awoke over the past 24 hours, to the point where our Web servers alone were handling 500 mbps of download traffic. Our BitTorrent seeds of the software are doing well, too."

Appelbaum promised that an easy-to-use client is in the works, but for now, people setting up bridges or obfsproxy client connections must follow these somewhat complicated instructions.

Tor isn't the only method for staying online in places like Iran. One product called Hotspot Shield uses a VPN to secure Web traffic and bypass firewalls. A Hotspot Shield spokesperson tells Ars "we've observed that the Iran blockades have had no effect on our users."